Is it time to rewrite the cybersecurity rulebook?
This year’s Fujitsu Forum was all about digital transformation. But you can’t talk about digital transformation without also mentioning the accompanying increase in security threats.
When you connect everything you open up vast, previously inaccessible streams of data. While commercial opportunities have increased as a result, so have the number of opportunities for cybercriminals to harvest and profit from private information (also known as the attack vector).
As you can imagine there were plenty of exciting cybersecurity conversations happening at Fujitsu Forum 2016.
Here are some of the key things you need to know…
Security no longer an IT issue
One thing became crystal clear as I listened to speakers throughout Fujitsu Forum 2016: cybersecurity is no longer exclusively an IT issue – it is very much a business issue.
This sentiment was certainly shared by Fujitsu’s John Swanson as he joined a panel of security experts during the media day, suggesting the issue can have a massive impact on consumer confidence.
“Every week a new cybersecurity issue is reported in the press,” he said. “And for consumers it’s about trust – if they don’t trust your company they won’t join you on your digital journey. So for organisations it’s about upholding their reputation.”
As such, he argued, security “must underpin digital transformation.”
The cybersecurity skills shortage
The global cybersecurity skills shortage will impact 2 million jobs by 2017, according to the UK House of Lords’ Digital Skills Committee.
This is going to cause a huge headache for brands and consumers alike as the need for rock-solid online security increases.
Symantec’s Jamie Johnson suggested increased cybersecurity threats and the potential future cybersecurity skills shortage are two of the most important digital transformation points to address.
“Today’s cyber adversaries are no longer hackers in dark rooms,” he said. “They are educated, skilled professionals.”
He said companies are finding it tough to keep up with security threats, but he took it one step further and suggested many organisations may not even be aware they’ve been breached.
“Customers tell me they don’t have enough time or resources,” he said. “They don’t know where to focus their energy.”
Jamie blamed the problem on “a lack of security talent,” with organisations “losing track of who’s accessing data when and where” as a result.
New ways of thinking required
With cybersecurity threats evolving faster than most can keep up, the old approaches to defence simply aren’t fit for purpose anymore.
Fujitsu’s EMEIA head of enterprise and cybersecurity Rob Norris suggested we should adapt to the new environment.
“We need to move from just fixing cybersecurity issues to really understanding how cyber criminals work,” he said. “AI tools, for example, can help proactively look for patterns in ways humans can’t.”
DHL’s Markus Voss said that almost anything a business does these days involves data in some capacity, and that data needs to be protected.
“You have to put proper boundaries in place,” he said. “Otherwise you may end up destroying more than you create. Just one missing piece of the puzzle could cause chaos.”
You only need to look at some of the high-profile data breaches we’ve seen this year to realise Markus is speaking the truth.
The key to overcoming such dangers, he said, is in “opening up – having completely new information security strategies.”
Could AI be the key to success?
As for what those new approaches and strategies could be, the talk of the event was artificial intelligence (AI).
Fujitsu’s Dr Joseph Reger argued it’s the only way we can possibly hope to keep on top of evolving cybersecurity threats in future.
“You need to be able to discover previously unknown attack patterns as they happen, in real time,” he explained. “This is something no human security expert can do.”
But machine learning, he argued, can do it in some cases. He talked about how an AI can be trained to spot anomalies in vast sets of data far too large for people to comb through manually, and that eventually the AI will be able to spot those anomalies immediately before they’ve had a chance to do any damage.
“It sounds like magic,” he joked. “But it does work.”
Check out our Secure Thinking page for much more insight and advice around cybersecurity